On July 10, Connecticut Governor Dannel Mallow officially announced the release of the Connecticut Cybersecurity Strategy. The most far-reaching of its kind put forth at the state level, this strategy document outlines how the state expects both public and private...

On March 7, 2017, the self-described “not-for-profit media organization” and whistleblowing website WikiLeaks began releasing the Vault 7 series of documents, which allegedly contain details about activities and capabilities of the CIA to conduct electronic...

A new version of the ISO 27001 information security standard came out about a year ago. While the new release addresses some of the changes in information security best practices since the previous release in 2005, it may not address one of the biggest challenges in...

Recently I have been discussing an interesting project with a potential client that is in the engineering business. This organization needs to provide attestation of their ability to secure critical engineering designs in both the private and public sector. A new...

In December of 2011, FedRAMP was introduced to provide a cost-effective, risk-based approach for the adoption and use of cloud services in the federal government. The idea was to define a set of standardized security requirements for the authorization and ongoing...